Application No.: 09/451,090
Applicant(s): SANDHU ET AL
Examiner: Khanh Dinh
Art Unit: 2155

- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1) [X] Responsive to communication(s) filed on 27 October 2003. 
2a) [ ] This action is FINAL. 2b) [X] This action is non-final. 

3) [ ] Since this application is in condition for allowance except for formal matters, prosecution as to the merits is closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213. 
Disposition of Claims 

4) [X] Claim(s) 79-117 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) [ ] Claim(s) is/are allowed. 

6) [X] Claim(s) 79-117 is/are rejected. 

7) [ ] Claim(s) is/are objected to. 

8) [ ] Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) [ ] The specification is objected to by the Examiner. 

10) [ ] The drawing(s) filed on is/are: a) [ ] accepted or b) [ ] objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

11) [ ] The proposed drawing correction filed on is: a) [ ] approved b) [ ] disapproved by the Examiner. 

If approved, corrected drawings are required in reply to this Office action. 

12) [ ] The oath or declaration is objected to by the Examiner. 
Priority under 35 U.S.C. §§119 and 120 

13) [ ] Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 

a) [ ] All b) [ ] Some* c) [ ] None of: 

1. [ ] Certified copies of the priority documents have been received. 

2. [ ] Certified copies of the priority documents have been received in Application No. . 

3. [ ] Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

14) [ ] Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 119(e) (to a provisional application). 

a) [ ] The translation of the foreign language provisional application has been received. 

15) [ ] Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121. 
Attachment(s) 



1) [X] Notice of References Cited (PTO-892) 

2) [ ] Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) [ ] Information Disclosure Statement(s) (PTO-1449) Paper No(s). 

4) [ ] Interview Summary (PTO-413) Paper No(s). 

5) [ ] Notice of Informal Patent Application (PTO-152) 

6) [ ] Other: 

U.S. Patent and Trademark Office 
PTOL-326 (Rev. 04-01) 
DETAILED ACTION 



1. This is in response to the Request for Continued Examination filed on 10/27/2003 
(paper #15). Claims 79-117 are presented for examination. 



Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another filed in the 
United States before the invention thereof by the applicant for patent, or on an international application 
by another who has fulfilled the requirements of paragraphs (1), (2), and (4) of section 371(c) of this 
title before the invention thereof by the applicant for patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act 
of 1999 (AIPA) and the Intellectual Property and High Technology Technical 
Amendments Act of 2002 do not apply when the reference is a U.S. patent resulting 
directly or indirectly from an international application filed before November 29, 2000. 
Therefore, the prior art date of the reference is determined under 35 U.S.C. 102(e) prior 
to the amendment by the AIPA (pre-AIPA 35 U.S.C. 102(e)). 

3. Claims 79-82, 89, 97-100, 103, 112, 113, 115-117 are rejected under 35 
U.S.C. 102(e) as being anticipated by Shi et al. US pat. No. 5,875,296. 

As to claim 79, Shi discloses a system for transfer of secure data on a network (internet) 
comprising: 

a) a client (10 fig. 1) capable of presenting conforming client data. 

b) a server (server 12 fig.1) capable of using said conforming client data to 
create at least one secure cookie (i.e., processing data upon receiving request from a 
client and creating a cookie according to credentials of a user, see figs. 1, 2, abstract, 
col.4 line 9 to col.5 line 60 and col.6 lines 2-47), each of said at least one secure cookie 
including: 

i) a domain field capable of holding domain data to associate said secure 
cookie to a domain where said secure cookie is valid (i.e., containing a domain name or 
the requester, see fig.4, col.6 line 48 to col. 7 line 10). 

ii) at least one name field capable of holding name data (see col. 7 lines 1-67). 

iii) at least one value field capable of holding value data derived from said 
conforming client data (see col. 7 lines 1-67). 

iv) an expiration field capable of holding cookie expiration data (EXPIRE field, 
col.7 lines 1-67). 

c) a network (processing information over a network) capable of transporting at 
least one of said at least one secure cookie between said server and said client 
(see fig.4, col.7 line 16 to col.8 line 61). 

d) a client storage means capable of storing at least one of said at least one 
secure cookie and a secure attribute service between said client and said server 
using said at least one of said at least one secure cookie (see col.4 lines 1-48 
and col.5 line 40 to col.6 line 48). 
As to claims 80 and 81, Shi discloses a web browser (16 fig. 1) and at least one of 
said at least one secure cookie is an authentication cookie (see col. 5 line 24 to col.6 
line 67). 

As to claim 82, Shi discloses the secure attribute service including said server 
authenticating said client by comparing said conforming client data to said value data 
(i.e., processing data upon receiving request from a client and creating a cookie 
according to credentials of a user, see figs. 1, 2, abstract, col.4 line 9 to col. 5 line 60 and 
col.6 lines 2-47). 

As to claims 89, 103, 112 and 115, Shi further discloses a Kerberos ticket (see 
col. 5 line 40 to col.6 line 12) and creating integrity data from at least one secure cookie, 
encrypting client data (using encrypting mechanism, see col.1 line 51 to col.2 line 18), 
inputting integrity data into a seal cookie and storing said cookie (see col. 5 line 39 to 
col.6 line 67 and col.7 line 15 to col.8 line 61). 

As to claim 97, 98 and 116, Shi discloses that at least one of said at least one secure 
cookie is used in an electronic transaction and a part of a role based access control 
system and at least one of said at least one secure cookie is used in assigning client 
roles (i.e., see figs. 1, 2, abstract, col.4 line 9 to col.5 line 60 and col.6 lines 2-47). 

As to claim 99, Shi discloses a method for the transfer of secure data on a network 
including the steps of: 
a client (10 fig. 1) making a request from a server (12 fig. 1) and said server 
retrieving conforming client data (see fig.1, col.4 lines 8-48). 

said server creating at least one secure cookie, each of said at least one secure 
cookie including selected conforming client data, said selected conforming data 
including at least some of said conforming client data (i.e., processing data upon 
receiving request from a client and creating a cookie according to credentials of a user, 
see figs. 1, 2, abstract, col.4 line 9 to col. 5 line 60 and col. 6 lines 2-47). 

said server (12 fig.1) transmitting at least one of said at least one secure cookie 
to said client and said client storing at least one of said at least one secure cookie (see 
col.7 lines 6-67). 

said client (10 fig.1) presenting to a related server at least one of said stored at 
least one secure cookie with a second request, said related server residing on the same 
domain as said server (i.e., request containing a domain name or the requester, see 
col.7 line 26 to col.8 line 61). 

said related server making a determination of whether at least one of said at 
least one retrieved stored at least one secure cookie contains said selected 
conforming client data and said related server fulfilling said second request if said 
determination is positive (determine if the authentication is valid, see col.8 line 13 
to col.9 line 36). 

As to claims 100 and 113, Shi discloses said conforming client data is retrieved from 
said client and determination is positive only if said selected conforming client data was 
retrieved by said server from said client during the current session (See col.5 line 39 to 
col.6 line 67 and col.8 line 13 to col.9 line 36). 

As to claim 117, Shi discloses a request is part of an attribute-based access control 
function session (see col. 7 line 15 to col.8 line 61 and col.8 line 13 to col.9 line 36). 



Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed 
or described as set forth in section 102 of this title, if the differences between the 
subject matter sought to be patented and the prior art are such that the subject 
matter as a whole would have been obvious at the time the invention was made 
to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was 
made. 

5. Claims 83-88, 90-96, 101, 102, 104-108, 109-111 and 114 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Shi et al., US pat. No. 5,875,296 in view of 
Wiser et al., US pat. No. 6,385,596. 

As to claims 83-88, 96, 101, 102, 104, 108, 111 and 114, Shi's teachings still applied 
as in item 3 above. Shi discloses an encryption algorithm, password cookie including a 
password (i.e., using encrypting mechanism, see col.1 line 51 to col. 2 line 18 and col. 7 
line 7 to col.8 line 67). Shi does not specifically disclose the client's IP address, a 
hashing algorithm, and a digital signature on a timestamp, secret-key based 
authentication service. However, Wiser discloses the client's IP address, a hashing 
algorithm, secret-key based authentication service and an encryption session key (i.e., 
using multiple levels of encryptions such as Password Authentication Protocol, see 
abstract, col. 16 line 4 to col. 19 line 59, col. 10 line 13 to col. 12 line 54 and col. 16 line 4 
to col. 19 line 59 and col.20 line 10 to col.21 line 61). It would have been obvious to 
one of the ordinary skill in the art at the time the invention was made to implement 
Wiser's teachings into the computer system of Angles to identify a host computer 
because it would have enabled users to identify a host connected to the Internet to 
other Internet hosts and provided more secure delivery of data over the Internet. 

As to claims 90 and 91, Shi discloses at least one secure cookie includes a multitude of 
secure cookies and a seal cookie capable of being used by said server to determine if 
another cookie in said multitude of secure cookies has been altered (see col.7 line 15 
to col.8 line 61 and col.8 line 13 to col.9 line 36). 

As to claims 92, 93 and 109, Shi discloses that the seal cookie includes an integrity 
check value and the signature of a message digest signed using a private key (see col.7 
line 15 to col.8 line 61 and col.8 line 13 to col.9 line 36). 

As to claims 94 and 95, Shi discloses at least one of said at least one name field and at 
least one of said at least one value field are a pair, and one secure cookie further 
includes a flag, said flag specifying whether all machines within said domain referenced 
by said domain data can access said value data (i.e., NAME and VALUE pair, see fig.4, 
col. 7 line 1 to col.8 line 61). 

As to claims 105-107 and 110, Shi discloses determination further includes verifying 
that digital signature belongs to said client and including the step of said server 
encrypting at least some of said selected conforming client data, a public key and a 
secret key (see col.1 line 51 to col.2 line 18 and col. 5 line 12 to col.6 line 67). 

Other prior art cited 

6. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

a. White, US pat. No.6,049,877. 

Response to Arguments 

7. Applicant's arguments with respect to claims 79-117 (paper #16, filed on 
10/27/2003) have been considered but are moot in view of the new ground(s) of 
rejection. 

Conclusion 

6. Claims 79-117 are rejected. 

9. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Khanh Dinh whose telephone number is 703-308-8528. 
The examiner can normally be reached on 8:00 AM to 5:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Alam Hosain, can be reached on (703) 308-6662. The fax phone numbers 
for the organization where this application or proceeding is (703) 872-9306. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is 703-305- 
9600. 



Khanh Dinh 
Examiner 
Art Unit 2155 



*** 

November 3, 2003 



